CVE-2016-6733

HIGH

Android < 2016-11-05 - Elevation of Privilege via NVIDIA GPU Driver

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-6733. PoCs published by codecat007.

AI-analyzed exploit summary This PoC exploits a race condition in the NVIDIA GPU driver (CVE-2016-6733) by rapidly opening and closing channels via ioctl calls, leading to a use-after-free condition. The code spawns multiple threads to trigger the race, targeting the DRM (Direct Rendering Manager) interface.

Description

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906694. References: NVIDIA N-CVE-2016-6733.

Exploits (1)

github WORKING POC 8 stars

by codecat007 · cpoc

https://github.com/codecat007/cvehub/tree/main/android/securityPatch/CVE-2016-6733

View Code ZIP pw:eip

This PoC exploits a race condition in the NVIDIA GPU driver (CVE-2016-6733) by rapidly opening and closing channels via ioctl calls, leading to a use-after-free condition. The code spawns multiple threads to trigger the race, targeting the DRM (Direct Rendering Manager) interface.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Racy

Target: NVIDIA GPU driver (Linux kernel DRM subsystem)

No auth needed

Prerequisites: Access to the target device's /dev/dri/renderD129 interface · Multi-core CPU for thread scheduling

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94140

Vendor Advisory x_refsource_confirm

https://source.android.com/security/bulletin/2016-11-01.html

Scores

CVSS v3 7.3

EPSS 0.0003

EPSS Percentile 11.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (2)

google/android < 7.0

Google Inc./Android Kernel-3.18

Published Nov 25, 2016

Tracked Since Feb 18, 2026